DISCLAIMER: This method is best completed by an IT Team Member or Managed Service Provider.
To block 3rd party password managers across your business from your Active Directory Server using Group Policy, complete the below steps for each browser.
PREREQUISITES: Microsoft Edge ADMX files installed in your Central Store. To learn how to complete this, click here.
- Open Group Policy and target your top level User OU. Right Click, and create a new policy, and link it there.
- Name the policy something easy to identify, and press OK.
- Next, under the Settings tab, right click in the window and select “Edit…”
- Navigate to User Configuration > Policies > Administrative Templates > Microsoft Edge > Extensions, and locate Control which extensions cannot be installed, right click, and Edit
- Enable the policy, and click “Show…”
- In each box, enter the Extension ID of the password manager you want to block and click ok. Common password manager IDs below.
Bitwarden: jbkfoedolllekgbhcbcoahefnbanhhlh
1Password: dppgmdbiimibapkepcbdbmkaabgiofem
Dashlane: gehmmocbbkpblljhkekmfhjpfbkclbph
OneLogin: mpnjdddkcbccdhgahjdcjppglaecajdj
Okta: ncoafaeidnkeafiehpkfoeklhajkpgij
Keeper: lfochlioelphaglamdcakfjemolpichk
Keeper: mpfckamfocjknfipmpjdkkebpnieooca
LastPass: bbcinlkgjjkejfdpemiealijmmooekmpKeeper has published 2 extensions in the Edge Store, requiring both of the above IDs to be used when blocking the extension.
- Press Okay again on the previous window
- The policy state will now change to “Enabled”. Once done, you are finished.
It’s important to note that this is a USER POLICY, thus must be linked to a USER OU.
PREREQUISITES: Google Chrome installed on your target workstations, & Google Chrome ADMX files installed in your Central Store. To learn how to complete this, click here.
- Open Group Policy and target your top level User OU. Right Click, and create a new policy, and link it there.
- Name the policy something easy to identify, and press OK.
- Next, under the Settings tab, right click in the window and select “Edit…”
- Navigate to User Configuration > Policies > Administrative Templates > Google > Google Chrome > Extensions, and locate Configure Extension installation blacklist, right click and select edit.
- Enable the policy and click Show
- In each box, enter the Extension ID of the password manager you want to block and click ok. Common password manager IDs below.
Bitwarden: nngceckbapebfimnlniiiahkandclblb
1Password: aeblfdkhhhdcdjpifhhbdiojplfjncoa
Dashlane: fdjamakpfbbddfjaooikfcpapjohcfmg
OneLogin: ioalpmibngobedobkmbhgmadaphocjdn
Okta: glnpjglilkicbckjpbgcfkogebgllemb
Keeper: bfogiafebfohielmmehodmfbbebbbpei
LastPass: hdokiejnpimakedhajhdlcegeplioahd
- Press Okay again on the previous window
- The policy state will now change to Enabled. Once done, you are finished.
It’s important to note that this is a USER POLICY, thus must be linked to a USER OU.